Hi, After migrating my ISP config with the ISP migration toolkit bought on the official website, i face some problems, in particular with let's encrypt. After trying to solve this problem with the multiple thread found on this forum without success here is my actual situation : I have uninstalled all let's encrypt binaries. I have installed let's encrypt following this doc : https://www.howtoforge.com/tutorial...ovecot-ispconfig-3-1/2/#-install-lets-encrypt. I have restarted my server but nothing to do it's not working : /etc/letsencrypt and sub directory doesn't exist ssl & let's encrypt checkbox still unchecked. SSL unsigned works but let's encrypt don't. Anyone have an idea how to fix this let's encrypt issues? My report, OS is Debian 9 Code: ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.1.13p1 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.0.33-0+deb9u3 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 798) [INFO] I found the following mail server(s): Postfix (PID 1026) [INFO] I found the following pop3 server(s): Dovecot (PID 657) [INFO] I found the following imap server(s): Dovecot (PID 657) [INFO] I found the following ftp server(s): PureFTP (PID 1106) ##### LISTENING PORTS ##### (seulement () Adresse (distante) [anywhere]:995 (657/dovecot) [localhost]:10023 (726/postgrey) [localhost]:10024 (1066/amavisd-new) [localhost]:10025 (1026/master) [localhost]:10026 (1066/amavisd-new) [localhost]:10027 (1026/master) [anywhere]:587 (1026/master) [localhost]:11211 (577/memcached) [anywhere]:110 (657/dovecot) [anywhere]:143 (657/dovecot) [anywhere]:465 (1026/master) [anywhere]:21 (1106/pure-ftpd) ***.***.***.***:53 (582/named) [localhost]:53 (582/named) [anywhere]:22 (643/sshd) [anywhere]:25 (1026/master) [localhost]:953 (582/named) [anywhere]:993 (657/dovecot) *:*:*:*::*:995 (657/dovecot) *:*:*:*::*:10023 (726/postgrey) *:*:*:*::*:10024 (1066/amavisd-new) *:*:*:*::*:3306 (962/mysqld) *:*:*:*::*:10026 (1066/amavisd-new) *:*:*:*::*:587 (1026/master) [localhost]10 (657/dovecot) [localhost]43 (657/dovecot) *:*:*:*::*:80 (798/apache2) *:*:*:*::*:8080 (798/apache2) *:*:*:*::*:465 (1026/master) *:*:*:*::*:8081 (798/apache2) *:*:*:*::*:21 (1106/pure-ftpd) *:*:*:*::*:53 (582/named) *:*:*:*::*:22 (643/sshd) *:*:*:*::*:25 (1026/master) *:*:*:*::*:953 (582/named) *:*:*:*::*:443 (798/apache2) *:*:*:*::*:993 (657/dovecot) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination f2b-pureftpd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 21 f2b-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25 f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain f2b-postfix-sasl (1 references) target prot opt source destination REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable REJECT all -- ***.***.***.*** [anywhere]/0 reject-with icmp-port-unreachable RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-pureftpd (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Chain f2b-sshd (1 references) target prot opt source destination RETURN all -- [anywhere]/0 [anywhere]/0 Regards
The /etc/letsencrypt directory must exist after you had run: cd /usr/local/bin wget https://dl.eff.org/certbot-auto chmod a+x certbot-auto ./certbot-auto --install-only to install letsencrypt. Please rerun the commands to ensure certbot is really installed.
Hi, Thank you for your reply I proceeded to the reinstallation: Code: 21:43:39 [root@isp01:/usr/local/bin]# wget ****certbot-auto 2019-05-12 21:43:46 (31,5 MB/s) — « certbot-auto » sauvegardé [68023/68023] 21:43:46 [root@isp01:/usr/local/bin]# chmod a+x certbot-auto 21:43:51 [root@isp01:/usr/local/bin]# ./certbot-auto --install-only Certbot is installed. /etc/letsencrypt is not created : So, I make the following command : Code: 21:43:57 [root@isp01:/usr/local/bin]# rm -rf /opt/eff.org/ 21:44:25 [root@isp01:/usr/local/bin]# ./certbot-auto --install-only Lecture des listes de paquets... Fait Lecture des listes de paquets... Fait Construction de l'arbre des dépendances Lecture des informations d'état... Fait augeas-lenses is already the newest version (1.8.0-1+deb9u1). libaugeas0 is already the newest version (1.8.0-1+deb9u1). ca-certificates is already the newest version (20161130+nmu1+deb9u1). gcc is already the newest version (4:6.3.0-4). libffi-dev is already the newest version (3.2.1-6). libssl-dev is already the newest version (1.1.0j-1~deb9u1). openssl is already the newest version (1.1.0j-1~deb9u1). python is already the newest version (2.7.13-2). python-dev is already the newest version (2.7.13-2). python-virtualenv is already the newest version (15.1.0+ds-1). virtualenv is already the newest version (15.1.0+ds-1). 0 mis à jour, 0 nouvellement installés, 0 à enlever et 0 non mis à jour. Creating virtual environment... Installing Python packages... Installation succeeded. Certbot is installed. 21:44:51 [root@isp01:/usr/local/bin]# /etc/letsencrypt still not exist : Really strange
Enable debug mode in ispconfig: https://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/ then emable ssl and letsencrypt checkbox in a website, then run server.sh script as root user as described in the debug instructions and post the result that you get on the shell.
Hi, My Log : What could be the consequences if I disable the migration mode? The fact that this mode of migration is activated, come from the error of execution of the migration toolkit at the end of the script. The cleaning tasks could not run because apache (new server) refused to restart. An argument in the conf file was no longer compatible. Regard,
You have to disable the migration mode when the migration is finished and the tool was not able to do it automatically. The mode is required to avoid that new LE certs are requested during migration before the actual domains point to the new server.